package net.unimus.core.service.connection.ssh;

import com.jcraft.jsch.ChannelShell;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Collections;
import java.util.concurrent.ExecutorService;
import net.sf.expectit.Result;
import net.sf.expectit.matcher.Matcher;
import net.sf.expectit.matcher.Matchers;
import net.unimus.core.cli.login.results.CliLoginResult;
import net.unimus.core.cli.login.states.States;
import net.unimus.core.service.connection.AbstractCliConnection;
import net.unimus.core.service.connection.CliConnectionManager;
import net.unimus.core.service.connection.CliProperties;
import net.unimus.core.service.connection.DeviceOutputCollector;
import net.unimus.core.service.connection.cache.CliCachingPolicy;
import net.unimus.core.service.connection.exceptions.PasswordChangeRequestedException;
import net.unimus.core.service.connection.result.ConnectAndAuthenticateResult;
import org.apache.juli.JdkLoggerFormatter;
import software.netcore.core_api.data.Credential;
import software.netcore.core_api.operation.discovery.data.AuthenticationError;
import software.netcore.core_api.operation.discovery.data.ConnectionError;
import software.netcore.core_api.shared.AuthMethod;
import software.netcore.core_api.shared.ConnectorType;

/* loaded from: input_file:BOOT-INF/lib/core-3.24.0-STAGE.jar:net/unimus/core/service/connection/ssh/AbstractSshConnection.class */
abstract class AbstractSshConnection extends AbstractCliConnection {
    protected static final Matcher<Result> SSH_VERSION_MATCHER = Matchers.regexp("(?m)^SSH-.+");
    private static final String SSH_VERSION = "SSH-2.0-UNIMUS";
    protected Session sshSession;
    protected ChannelShell shell;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSshConnection(CliConnectionManager cliConnectionManager, CliProperties cliProperties, String str, int i, DeviceOutputCollector deviceOutputCollector, CliCachingPolicy cliCachingPolicy, ExecutorService executorService) {
        super(cliConnectionManager, cliProperties, str, i, deviceOutputCollector, cliCachingPolicy, executorService);
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public ConnectorType getType() {
        return ConnectorType.SSH;
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public ConnectAndAuthenticateResult connectAndAuthenticate(Credential credential) throws InterruptedException {
        if (this.deviceCli != null) {
            disconnect();
            throw new IllegalStateException("This connection was already connected");
        }
        ConnectAndAuthenticateResult connect = connect(credential);
        return (connect.connectionSuccessful() && connect.getAuthenticationError() == null) ? connect.getLoginResult() != null ? connect : authenticate(credential) : connect;
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public String getServerIdentificationString() {
        if (this.sshSession != null) {
            return this.sshSession.getServerVersion();
        }
        throw new IllegalStateException("SSH session not connected");
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    protected String getCommandSubmissionSequence() {
        return "\r";
    }

    protected abstract ConnectAndAuthenticateResult connect(Credential credential) throws InterruptedException;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public void disconnectProtocol() {
        if (this.shell == null && this.sshSession == null) {
            return;
        }
        decorateSessionDataOutput("disconnect - channel & session");
        if (this.shell != null) {
            this.log.trace("Closing SSH shell channel");
            this.shell.disconnect();
            this.shell = null;
        }
        if (this.sshSession != null) {
            this.log.trace("Closing SSH session");
            this.sshSession.disconnect();
            this.sshSession = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ConnectAndAuthenticateResult connectSsh(JSch jSch, Credential credential) {
        int connectTimeout = this.cliProperties.getConnectTimeout();
        int expectTimeout = this.cliProperties.getExpectTimeout();
        if (credential.getAuthMethod() == AuthMethod.SSH_KEY) {
            try {
                jSch.addIdentity("", credential.getSshKey().getBytes(), null, null);
            } catch (JSchException e) {
                this.sshSession = null;
                this.log.debug("Failed to use SSH key on '{}:{}', '{}', '{}'", this.address, Integer.valueOf(this.port), e.getClass().getSimpleName(), e.getMessage());
                return ConnectAndAuthenticateResult.builder().authenticationError(AuthenticationError.CREDENTIAL_FORMAT_INVALID_ERROR).build();
            }
        } else {
            if (credential.getAuthMethod() != AuthMethod.PASSWORD) {
                this.sshSession = null;
                throw new IllegalArgumentException("SSH Authentication method '" + credential.getAuthMethod() + "' not supported");
            }
            this.sshSession.setPassword(credential.getPassword());
        }
        this.sshSession.setClientVersion(SSH_VERSION);
        try {
            decorateSessionDataOutput("connect - session");
            this.sshSession.connect(connectTimeout);
            try {
                this.shell = (ChannelShell) this.sshSession.openChannel("shell");
                if (this.shell == null) {
                    disconnect();
                    return ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.INTERNAL_ERROR).build();
                }
                this.shell.setTerminalMode(new byte[]{53, 0, 0, 0, 1, 0});
                this.shell.setPtyType(this.cliProperties.getCliTerminalType(), this.cliProperties.getCliTerminalWidth(), this.cliProperties.getCliTerminalHeight(), JdkLoggerFormatter.LOG_LEVEL_INFO, 600);
                try {
                    decorateSessionDataOutput("connect - shell channel");
                    this.shell.connect();
                    try {
                        buildDeviceCli(expectTimeout, this.shell.getOutputStream(), this.shell.getInputStream(), this.shell.getExtInputStream());
                        return ConnectAndAuthenticateResult.builder().build();
                    } catch (IOException e2) {
                        disconnect();
                        return ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
                    }
                } catch (JSchException e3) {
                    disconnect();
                    return ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
                }
            } catch (JSchException e4) {
                disconnect();
                return ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.INTERNAL_ERROR).build();
            }
        } catch (JSchException e5) {
            this.log.debug("Failed to connect SSH session to '{}':'{}' - ", this.address, Integer.valueOf(this.port), e5);
            disconnect();
            String lowerCase = e5.getMessage().toLowerCase();
            return (lowerCase.contains("auth fail") || lowerCase.contains("auth cancel") || lowerCase.contains("too many authentication failures")) ? ConnectAndAuthenticateResult.builder().loginResult(new CliLoginResult(Collections.singletonList(States.AUTH_FAILED), "")).build() : lowerCase.equals("algorithm negotiation fail") ? ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.UNSUPPORTED_ALGORITHM).build() : e5.getCause() instanceof UnknownHostException ? ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.UNKNOWN_HOSTNAME).build() : e5 instanceof PasswordChangeRequestedException ? ConnectAndAuthenticateResult.builder().authenticationError(AuthenticationError.REQUESTED_PASSWORD_CHANGE).build() : ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
        }
    }
}
